Security considerations when designing a distributed file system using object storage devices

Proceedings - 1st International IEEE Security in Storage Workshop, SISW 2002

Volumn , Issue , 2003, Pages 24-34

  Reed, B C ^a   Smith, M A ^a   Diklic, D ^a  

^a IBM ALMADEN RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

AUTHENTICATION; DIGITAL STORAGE; VIRTUAL STORAGE;

AUTHENTICATION INFRASTRUCTURE; AUTHENTICATION PROTOCOLS; DISTRIBUTED FILE SYSTEMS; DISTRIBUTED OBJECTS; OBJECT STORAGE DEVICES; SECURITY CONSIDERATIONS; SECURITY INFRASTRUCTURE; SECURITY WEAKNESS;

FILE ORGANIZATION;

EID: 84962770253     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/SISW.2002.1183507     Document Type: Conference Paper

References (21)

1. M. K. Aguilera, M. Ji, M. Lillibridge, J. MacCormick, E. Oertli, D. Andersen, M. Burrows, T. Mann, and C. Thekkath. Block-level security for network-attached disks. In USENIX Conference on File and Storage Technologies (FAST), March 2003 (to appear).
2. S. M. Bellovin. Security problems in the TCP/IP protocol suite. Computer Communication Review, 19(2):32-48, April 1989.
3. M. Blaze. A cryptographic file system for UNIX. In First ACM Conference on Communication and Computing Security, pages 9-16, November 1993.
4. B. Callaghan, B. Pawlowski, and P. Staubach. NFS version 3 protocol specification. RFC 1813, June 1995.
5. G. Cattaneo, L. Catuogno, A. D. Sorbo, and P. Persiano. The design and implementation of a transparent cryptographic filesystem for unix. In USENIX Annual Technical Conference 2001. USENIX, June 2001.
6. T. Dierks and C. Allen. The TLS protocol version 1.0. RFC 2246, January1999.
7. G. A. Gibson, D. F. Nagle, K. Amiri, F. W. Chang, E. M. Feinberg, H. Gobioff, C. Lee, B. Ozceri, E. Riedel, D. Rochberg, and J. Zelenka. File server scaling with network-attached secure disks. In Proceedings of the ACM International Conference on Measurement and Modeling of Computer Systems (Sigmetrics), pages 272-284, June 1997.
8. T. O. Group. Protocols for X/Open PC Internetworking: SMB, Version 2. September 1992.
9. J. Hodges and R. Morgan. Lightweight directory access protocol (v3): Technical specification. RFC 3377, September 2002.
10. J. H. Howard, M. L. Kazar, S. G. Menees, D. A. Nichols, M. Satyanarayanan, R. N. Sidebotham, and M. J. West. Scale and performance in a distributed file system. In ACM Transactions on Computer Systems, volume 6.1, pages 51-81, February1988.
11. M. L. Kazar, B. W. Leverett, O. T. Anderson, V. Apostolides, B. A. Bottos, S. Chutani, C. F. Everhart, W. A. Mason, S.- T. Tu, and E. R. Zayas. Decorum file system architectural overview. In Proceedings of the Usenix Summer 1990 Technical Conference, pages 151-164. USENIX, June 1990.
12. H. Krawczk, M. Bellare, and R. Canetti. HMAC: Keyed-hashing for message authentication. RFC 2104, February 1997.
13. J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao. Oceanstore: An architecture for global-scale persistent storage. In ASPLOS, December 1999.
14. D. Mazieres, M. Kaminsky, M. Kaashoek, and E. Witchel. Separating key management from file system security. In SOSP, December 1999.
15. E. L. Miller, W. E. Freeman, D. D. E. Long, and B. C. Reed. Strong securityfor network-attached storage. In USENIX Conference on File and Storage Technologies (FAST), pages 1-14, Jan. 2002.
16. C. Neumann and T. Ts'o. Kerberos: An authentication service for computer networks. IEEE Communications Magazine, September 1994.
17. B. C. Reed, E. G. Chron, R. C. Burns, and D. D. Long. Authenticating network-attached storage. IEEE Micro, 20(1):49-57, January/February 2000.
18. S. Shepler, B. Callaghan, D. Robinson, R. Thurlow, C. Beame, M. Eisler, and D. Noveck. NFS version 4 protocol. RFC 3010, December 2000.
19. U.S. Government. Proposed federal information processing standard for secure hash standard. Federal Register, January 1992.
20. E. Zadok, I. Badulescu, and A. Shender. Cryptfs: A stackable vnode level encryption file system. Technical Report CUCS-021-98, Columbia University, June 1998.
21. E. Zadok and J. Nieh. Fist: A language for stackable file systems. In Proceedings of the USENIX Annual Technical Conference. USENIX, June 2000.